On Tue, 5 May 1998 21:49:58 -0000, Adrian Midgley wrote:
>Yes. Two observations:-
>
>1. This can be done retrospectively - "did you _really_ say that" "no"
>"it is signed" "here is _my_ key" ...doesn't fit. (and the key
>certified at that point by a common acquaintance as having been the
>same earlier etc etc)
Yes, indeed. It is better, however, to establish that authenticity
directly between 2 people who can then each move outwards expanding the
domain of trust. Cut out the middle man.
My memory fails me, but, Paul Galloway: remind me how we did it? I
think John Williams was also involved in that authentication?
>2. The newest version of the Palm Pilot, Palm 3, has an infrared port,
>for exchanging digital business cards, I wonder if one can swap public
>keys with that?
>Other palmtops have IR, as a general application that could be a useful
>facility.
Indeed, your PGP public key would be part of your biz card. However,
your public key can also be posted on the PGP server for anybody to
download. A practice, I presume, that would enable wider
distribution of the public key.
Ahmad
________________________________________
Dr Ahmad Risk
http://mednetics.org
home: +44 1273 724866
work: +44 1737 240022
fax: +44 1737 244660
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|